A vulnerability was found in GL.iNet GL-AR300M up to 4.3.7. It has been declared as critical. This vulnerability affects unknown code of the component OpenVPN Client File Upload. The manipulation leads to path traversal.
This vulnerability was named CVE-2023-46455. The attack can only be done within the local network. There is no exploit available.